Class: AWSCDK::PCAConnectorAD::CfnTemplate::PrivateKeyFlagsV4Property

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
pca_connector_ad/cfn_template.rb

Overview

Private key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(client_version:, exportable_key: nil, require_alternate_signature_algorithm: nil, require_same_key_renewal: nil, strong_key_protection_required: nil, use_legacy_provider: nil) ⇒ PrivateKeyFlagsV4Property

Returns a new instance of PrivateKeyFlagsV4Property.

Parameters:

  • client_version (String)

    Defines the minimum client compatibility.

  • exportable_key (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    Allows the private key to be exported.

  • require_alternate_signature_algorithm (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.

  • require_same_key_renewal (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    Renew certificate using the same private key.

  • strong_key_protection_required (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    Require user input when using the private key for enrollment.

  • use_legacy_provider (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    Specifies the cryptographic service provider category used to generate private keys.



1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
# File 'pca_connector_ad/cfn_template.rb', line 1741

def initialize(client_version:, exportable_key: nil, require_alternate_signature_algorithm: nil, require_same_key_renewal: nil, strong_key_protection_required: nil, use_legacy_provider: nil)
  @client_version = client_version
  Jsii::Type.check_type(@client_version, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "clientVersion")
  @exportable_key = exportable_key
  Jsii::Type.check_type(@exportable_key, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "exportableKey") unless @exportable_key.nil?
  @require_alternate_signature_algorithm = require_alternate_signature_algorithm
  Jsii::Type.check_type(@require_alternate_signature_algorithm, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "requireAlternateSignatureAlgorithm") unless @require_alternate_signature_algorithm.nil?
  @require_same_key_renewal = require_same_key_renewal
  Jsii::Type.check_type(@require_same_key_renewal, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "requireSameKeyRenewal") unless @require_same_key_renewal.nil?
  @strong_key_protection_required = strong_key_protection_required
  Jsii::Type.check_type(@strong_key_protection_required, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "strongKeyProtectionRequired") unless @strong_key_protection_required.nil?
  @use_legacy_provider = use_legacy_provider
  Jsii::Type.check_type(@use_legacy_provider, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "useLegacyProvider") unless @use_legacy_provider.nil?
end

Instance Attribute Details

#client_versionString (readonly)

Defines the minimum client compatibility.



1760
1761
1762
# File 'pca_connector_ad/cfn_template.rb', line 1760

def client_version
  @client_version
end

#exportable_keyBoolean, ... (readonly)

Allows the private key to be exported.



1765
1766
1767
# File 'pca_connector_ad/cfn_template.rb', line 1765

def exportable_key
  @exportable_key
end

#require_alternate_signature_algorithmBoolean, ... (readonly)

Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.



1770
1771
1772
# File 'pca_connector_ad/cfn_template.rb', line 1770

def require_alternate_signature_algorithm
  @require_alternate_signature_algorithm
end

#require_same_key_renewalBoolean, ... (readonly)

Renew certificate using the same private key.



1775
1776
1777
# File 'pca_connector_ad/cfn_template.rb', line 1775

def require_same_key_renewal
  @require_same_key_renewal
end

#strong_key_protection_requiredBoolean, ... (readonly)

Require user input when using the private key for enrollment.



1780
1781
1782
# File 'pca_connector_ad/cfn_template.rb', line 1780

def strong_key_protection_required
  @strong_key_protection_required
end

#use_legacy_providerBoolean, ... (readonly)

Specifies the cryptographic service provider category used to generate private keys.

Set to TRUE to use Legacy Cryptographic Service Providers and FALSE to use Key Storage Providers.



1787
1788
1789
# File 'pca_connector_ad/cfn_template.rb', line 1787

def use_legacy_provider
  @use_legacy_provider
end

Class Method Details

.jsii_propertiesObject



1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
# File 'pca_connector_ad/cfn_template.rb', line 1789

def self.jsii_properties
  {
    :client_version => "clientVersion",
    :exportable_key => "exportableKey",
    :require_alternate_signature_algorithm => "requireAlternateSignatureAlgorithm",
    :require_same_key_renewal => "requireSameKeyRenewal",
    :strong_key_protection_required => "strongKeyProtectionRequired",
    :use_legacy_provider => "useLegacyProvider",
  }
end

Instance Method Details

#to_jsiiObject



1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
# File 'pca_connector_ad/cfn_template.rb', line 1800

def to_jsii
  result = {}
  result.merge!({
    "clientVersion" => @client_version,
    "exportableKey" => @exportable_key,
    "requireAlternateSignatureAlgorithm" => @require_alternate_signature_algorithm,
    "requireSameKeyRenewal" => @require_same_key_renewal,
    "strongKeyProtectionRequired" => @strong_key_protection_required,
    "useLegacyProvider" => @use_legacy_provider,
  })
  result.compact
end